package com.example.aicloud.config;

import cn.hutool.jwt.JWT;
import cn.hutool.jwt.JWTUtil;
import com.example.aicloud.entity.SecurityUserDetails;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import java.io.IOException;

/**
 * @Description: 关于登录认证的过滤器
 * @Author Mr.Tang
 */

@Component
public class LoginAuthenticationFilter extends OncePerRequestFilter {

    @Value("${jwt.secret}")
    private String jwtSecret;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        // 1. 获取 JWT 令牌
        String token = request.getHeader("Authorization");
        // 2. 判断令牌是否为空
        if (StringUtils.hasLength(token)) {
            // 3. 如果不为空，进一步判断令牌的正确性
            if (JWTUtil.verify(token, jwtSecret.getBytes())){
                // 4. 获取用户信息存储到 Security 中
                JWT jwt = JWTUtil.parseToken(token);
                if (jwt != null && jwt.getPayload("uid") != null){
                    Long uid = Long.parseLong(jwt.getPayload("uid").toString()) ;
                    String username = (String) jwt.getPayload("username");
                    // 创建用户对象
                    SecurityUserDetails userDetails = new SecurityUserDetails(uid, username, "");
                    UsernamePasswordAuthenticationToken authentication =
                            new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                    authentication.setDetails(new WebAuthenticationDetailsSource()
                            .buildDetails(request));
                    // 设置凭证
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                }

            }

        }
        filterChain.doFilter(request, response);

    }
}
